Re: [dane] Second WGLC draft-ietf-dane-smime

"John Levine" <johnl@taugh.com> Mon, 21 November 2016 14:58 UTC

Date: Mon, 21 Nov 2016 14:58:03 -0000
Message-ID: <20161121145803.79462.qmail@ary.lan>
From: John Levine <johnl@taugh.com>
To: dane@ietf.org
In-Reply-To: <42510095-2182-422E-8A47-1EF3181B16F3@nist.gov>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dane/pi52nMtp2iXNkt8vvR5fyxbT-YI>
Subject: Re: [dane] Second WGLC draft-ietf-dane-smime
List-Id: DNS-based Authentication of Named Entities <dane.ietf.org>

Hi, Simson.

>To summarize the answer I received, there was concern that some email users might be using a legacy email account, not trust
>their mail provider, and want the assurance of an end-to-end encryption that is asserted by a trustworthy CA.

That's not really what I said.  If you're going to quote me, please quote me.


>I’ve thought about this response over the weekend and do not find it credible. This answer presupposes a CA system that is
>not the one that we have. Most CA S/MIME providers authenticate users based on their ability to receive email at a given
>address.  So a hostile email provider intent on intercepting encrypted email could easily spoof even a trusted CA provider
>into issuing a bogus certificate.

I certainly wouldn't disagree that the current public CA system is
screwed up.  On the other hand, there are non-public or semi-public
CAs that seem to work OK, like the DOD's.  This is throwing out the
baby with the bathwater.

But in any event, to return to my original objection, it seems quite
clear that the assumption in this document is that domains are
authorities for the identities of their users.  It should say that in
so many words rather than dancing around it.  

R's,
John